<?php /** 修改密码的 API **/
require_once '../config/req.conf.php';
require_once '../utils/CommonMethods.php';
require_once '../utils/VerifyFormData.php';
require_once '../utils/DBUtils.php';

/* 1. 解析token获取用户信息 */
$headers = apache_request_headers(); // 请求头信息获取
$info = VerifyFormData::parseToken($headers['Authorization']);
if( CommonMethods::isEmpty($info) ) {
    RespJson::fail("token错误");
    return;
}

/* 2. 提交的表单进行验证 */
if( !VerifyFormData::setPasswordDataVerify($_POST) ) return;

/* 3. 密码验证 */
DBUtils::init();
$sql = DBUtils::getSql("php_user")
    ->where("uniqueID = '{$info['uniqueID']}' and password = MD5('{$_POST['password']}')")
    ->select();
$result = DBUtils::queryOne($sql);
if( CommonMethods::isEmpty($result) ){
    RespJson::fail("密码错误");
    return;
}

/* 4. 进行数据库修改密码 */
$sql = DBUtils::getSql("php_user")
    ->set("password = MD5('{$_POST['newPassword']}')")
    ->where("id = {$info['id']}")
    ->update();
$isSuccess = DBUtils::execute($sql);
if( !$isSuccess ){
    RespJson::fail("修改失败");
    return;
}
RespJson::success(null);

